Niël Terblanché and Ester Mbathera
The minister of health and social service Kalumbi Shangula feels uncertain about the future after his sensitive information was leaked on the dark web.
“Nobody can feel safe because you don’t know what they (hackers) can do with the information. There are many ways that they can use the information. It’s just terrible,” he said.
Shangula whose ministry was also targeted said the IT officials are attending to the matter.
The cyberattack that resulted in one of the largest known data security incidents in Namibian history is suspected to have been orchestrated by the ransomware group Hunters International.
It exposed over 626 gigabytes of sensitive data of over 493 000 individuals, ministries, state-owned enterprises and private businesses.
The leaked trove includes copies of people’s IDs, bank details, customer contracts, and internal budget reports covering Telecom’s operations between 2021 and 2024.
Other prominent clients whose information was leaked include President Nangolo Mbumba, former President Hifikepunye Pohamba, Popular Democratic Movement president McHenry Venaani, minister of agriculture Calle Schlettwein and businessman Knowledge Katti.
The list also includes NBC board chairperson Lazarus Jacobs, Speaker of the National Assembly Peter Katjavivi, and veteran journalist Menesia Muinjo.
Former Walvis Bay Urban Constituency Councilor Knowledge Ipinge whose information was also shared said as a starting point, a thorough investigation is required to determine the actual target of the cyber attackers and to understand and mitigate potential threats.
“Are the attackers after email addresses, IP addresses, keywords, SIM swapping, or manipulation of caller ID information? Is it a campaign aimed at stealing intellectual property (IP) for identity theft, financial fraud, a more convincing phishing attack, or targeting various government institutions?” he asked.
Ipinge added that incoming members of the National Assembly irrespective of their political affiliation have a responsibility to prioritise effective and transparent legislative action on cybersecurity and artificial intelligence.
“They must establish clear rules that mitigate risks while considering democracy, human rights, and the rule of law. This includes preventing fraud, misinformation, and disinformation, which can undermine our democratic institutions, incite extremism, and violate personal rights to privacy and data ownership, affecting all Namibian people at large,” he said.
Businessman Andre Bok also learned that his personal details are among the leaked data.
“This is unacceptable! There are hundreds of thousands of names on that list, but the fact that mine and my son, Nathan André Bok, are included is outrageous,” he said.
Bok is demanding immediate action and a transparent explanation from Telecom.
Many people took to social media to express their opinions on the matter.
Laurence Foreman said the incident is a wake-up call to all organisations, big and small, to invest in robust cybersecurity measures.
“Hiring qualified cybersecurity specialists isn’t just an optional expense—it’s a necessity. Paying an average salary of around 15k per month for cybersecurity talent is simply not enough to attract the expertise required to safeguard our data. If companies want to protect their customers and maintain trust, they must be willing to invest significantly more in securing their systems,” he said.
He added that if his information is among the released records, he will pursue a lawsuit against Telecom Namibia for their failure to protect his personal data.
“Namibia urgently needs Information and Cyber Security laws in place to assist and guide companies. Unfortunately, very few people understand and know how to manage this cyber threat and risk!” said Pieter Kruger.
The cyber attack was first exposed by Nurpesh Soni, a digital strategist and information and communications technology consultant towards the end of last week.
“A friend of mine, specializing in the same field as me, first alerted me to the hacker group, who threatened Telecom Namibia that the personal information of 492 633 Namibians will be published on the dark web if their ransom demand is not met by Friday 13 December,” he said.
Hackers, suspected to have possibly been aided by an insider, released the stolen data on the dark web after Telecom Namibia refused to meet an undisclosed ransom demand.
According to Soni, the exposure of such critical information raised fears of widespread identity theft, financial fraud, and targeted phishing scams.
“People should take immediate steps which include changing passwords, monitoring bank accounts for unauthorized activity, and enabling two-factor authentication on all sensitive platforms,” he advised.
Soni said the Telecom breach was bigger than what the company is willing to admit.
“Now that the hackers or bad actors know that Namibia is hackable and don’t have systems in place to protect sensitive data, each ministry and parastatal can expect to come under attack by hackers,” he said.
According to Soni the implications of personal data being made available on the World Wide Web can be severe.
He advised individuals and businesses who dealt with Telecom in the past to take immediate steps to safeguard their information.
“People should take immediate steps which include changing passwords, monitoring bank accounts for unauthorized activity, and enabling two-factor authentication on all sensitive platforms,” he advised.
Telecom Namibia’s chief executive officer, Stanley Shanapinda, attempted to dispel public fears when the news broke last week Thursday.
In a statement shared on Thursday, Shanapinda said that “no data had been compromised” and that the incident was mitigated promptly.
However, a day later when the ransom deadline expired, Hunters International executed their threat and published the files containing sensitive Telecom data and the details of the state-owned enterprise’s customers.
On Saturday the company issued another statement saying it will issue a detailed statement.
“Telecom Namibia is aware of the recent cyber incident involving its customers’ data leak, that is circulating on social media. We are currently assessing the full scope and extent of the incident,” said the company.
Emilia Nghikembua, CRAN chief executive officer and head of Namibia Cyber Security Incident Response Team (NAM-CSIRT), said, support is being rendered to Telecom to mitigate the cyber attack.
She said NAM-CSIRT detected the data exfiltration incident on 11 December.
Telecom, according to her, was informed and an investigation to assess the extent of the breach was initiated.
“We take cybersecurity very seriously, particularly incidents that affect CI and CII and consumer data. NAM-CSIRT has been working diligently with the operator to ensure that all necessary measures are taken to contain and address the information breach. This incident highlights the need for vigilance and collaboration to mitigate the ever-evolving cyber threats facing our nation,” she said
The cyber attack is not isolated, many other countries have been targeted in recent weeks.
In November Chinese hackers, identified as Salt Typhoon, infiltrated U.S. telecommunications infrastructure.
International media houses reported that the Chinese hacking campaign potentially gained access to data on hundreds of thousands of cell phone users in America, including top U.S. leaders.
